[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux "NULL pointer dereferece" in the News...



Rahul Sundaram wrote:
On 07/19/2009 11:09 PM, Tom Horsley wrote:
http://blog.namei.org/2009/07/18/a-brief-note-on-the-2630-kernel-null-pointer-vulnerability/
Why on earth would I need an option named -fno-delete-null-pointer-checks?
If there is a null pointer check in the source code, then it is there for
a reason (maybe a bad reason, maybe a good one, but the compiler can't possibly
know which kind :-). There has got to be a fundamental compiler bug here,
and it is absurd to go adding compiler options that say "Oh, by the way,
please don't run into this particular bug."

What next? Will I need to compile with the options

--do-not-alter-meaning-of-line-1 --do-not-alter-meaning-of-line-2 ... ?

It is not so simple. This is not a compiler bug. I suggest you read
through http://lwn.net/Articles/341773/rss to understand why.

Rahul
Apparently, according to Brad Spengler, there are several
things he claims that are involved, Gcc, SELinux (which
causes PA exploits?), kernel issues (with structures?) and
he seemed to imply the ignorance of those "in charge" to
resolve these "exploits" and yet provides other issues which
he claims are still unresolved?

Is there anything to worry about as far as Fedora's
F1 --> F11 security being affected, if at all?



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]